When using a a IPSec VPN in OSX, I'm getting prompted to re-enter my password every ~45 minutes. After a certain amount of re-connects, no further connection will succeed. I have to restart the laptop by then, which means a restart a day.

Is there a way to reset the IPSec cache etc, so that I don't have to restart?

1 Answer
1

This is actually a bug in Mac OS X, all Cisco IPSec connections have a timeout (hard limit of the lifetime) of 3600 second (60 minutes) because of the soft and hard limit of IPSec connections it is most of the time around 45 to 50 minutes.

You can check the files (with an active IPSec connection) in

/var/run/racoon/

for the limits. On a Terminal type

sudo more /var/run/racoon/*.conf

and you can see the content of the config file for the active IPSec connection, all lifetime values are 3600 seconds

lifetime time 3600 sec

The bug exists since a long time and is still present for example in Mac OS X Mavericks (10.9.1). There is a workaround (more or less) for this check